1. (Currenlly Amended) A method for the secure distribution of digitised audio-visual woiks 
("modia") to consumers over a data network comprising tiie steps of: 

encrypting said dipiiised audio-visual works aedk using a different encryption key for 
each wor k ("modia k e y^ , 

storing the encrypted Hiritised audio- visual works media on one or more first servers, 
storing the media encivption keys on a second server, 

Tn:*ifing available one ov more retail servers from which consumers may obtain the right 
to receive the media encryption keys for desired media in exchange for complying with 
conditions set by tiie retails, 

creating steering files corresponding to each Hioitised audio-visual works modia work and 
its corresponding encryption key, said steering files containkg information identifying the 
dipitised audio-visual work m odia work and the location of the feedia encryption key and the ! 
locadon of the corresponding digitised aud io-visual media work, 

making available said steering files on said one or more retail servers, 

the consumer causing a request to be made from a network-connected cUent device to a 
selected retaU server for at least the »edia encryption key for a desired digitised audig-visual 
metowork, 

said steering files when processed on said client device causing a request to be made to 
said second server for the key for the Hipiti.;fid audio-visual isedia work identified in the steering 
file and causing the cUent device to generate said request to the first server identified m said ; 
steaing file to supply the encrypted digitised aud io-visual media work, 

at the selected retail server, verifying the consumer has complied with the retailei's 
conditions, and if so, 

the retail server either passing said request to the second server, or supplying to the clijent 
device data allowing the second server to be contacted, 

at said second server verifying the allowabiUty of fiilfilling requests from said retail | 
server or a client device and if so allowable encrypting the relevant media enc^yptio^ key and' 
downloading it to either said retail server or said client device, 

said retail server if receiving an encrypted media encryption key from said second server, 
downloading said encrypted media encryption key to said client device, 

at the client device decrypting the received media encryption key and storing it in 
memory in eidier encrypted or decrypted form, 

subsequently, at the cUent device generating a request to the appjopriate first server tq 
supply the desired digitised audio-visual media work, ' 

from the first senrer downloading the desired encrypted digitised audio-visual media J 
work downloading the encrypted Hi pitised audio-visual media work to said cUent device, and; 



at the client device letrieving the media encrvpftion key from said memory and using it to 
decrypt the digitised audio-visual m e dia work to a condition where it can be played using 
appropriate player software. 

2. (Currently Amended) A method according to claim 1 wherein at the cUent device 
the encrypted media key is stored in memory in encrypted form and vAen the encrypted digitised 
audio-visual media work is downloaded to said client device the encrypted media key is retrieved 
from memory, decrypted and used to decrypt the digitised au dio-visual media woric. 

3. Cancelled 

4. Cancelled 

5. (Currently Amended) A method according to either of claims 1 or 2 wherein said 
second server encrypts m e dia encryption keys for consumers using a public key encryption 
algorithm and when said client device generates a request to ei&er said retail server or said 
second server for a m e dia encrvption key it includes in the request the consumer's public key, 
said second server encrypting the relevant media encrvption key with the consumers public key 
and upon receipt of said encrypted media encrvption key said client device decrypting the key 
using the consumer's private key. 

6. (Currently Amended) A method as claimed in either of claims 1 or 2 wherein the 
client device stores the m e dia encryption key in volatile memory. 

7. (Original) A method according to either of claims 1 or 2 wherein said retail server 
passes received client device requests to said second server and said second server upon . 
verifying the allowability of fulfilling requests from said retail server downloading the encrypted 
modia encrvption key to said retail server. 



8. (Cancelled) 

9. (CanceUed) 

10. (CanceUed) 



